Filters
total: 25087
filtered: 3355
-
Catalog
- Publications 3355 available results
- Journals 436 available results
- Conferences 242 available results
- Publishing Houses 2 available results
- People 237 available results
- Projects 17 available results
- Research Teams 1 available results
- e-Learning Courses 103 available results
- Events 4 available results
- Open Research Data 20690 available results
Chosen catalog filters
displaying 1000 best results Help
Search results for: COST OF INFORMATION SECURITY
-
Resilience and Security in Software Defined Networking
PublicationThis paper gives an overview of the most important issues on resilience and security in Software Defined Networking
-
Areas of research in maritime security
PublicationW referacie przedstawiono analizę ważniejszych aspektów dotyczących ochrony żeglugi (maritime security) oraz zaproponowano nowe kierunki rozwoju.
-
Functional safety and security assessment of the control and protection systems
PublicationW artykule zostały poruszone kluczowe aspekty integracji podejścia bezpieczeństwa funkcjonalnego ''safety'' i ochrony informacji ''security'' w rozproszonych systemach sterowania i zabezpieczeniowych. Próba integracji zagadnień ''safety'' @ ''security'' została zilustrowana na przykładzie systemu monitoringu i zabezpieczeń pracującego w obiekcie podwyższonego ryzyka.
-
Integrated safety and security analysis of hazardous plants and systems of critical infrastructure
PublicationThis article addresses an integrated safety and security analysis approach of hazardous industrial plants and systems of critical infrastructure. Nowadays due to new hazards that emerge there are opinions among experts that these issues require an integrated approach in life cycle, from the design concept, through the design and operation of the plant, to its decommissioning. It is proposed to start from an interesting methodology...
-
ASSESSMENT OF FINANCIAL SECURITY OF AN ENTERPRISE ON THE BASIS OF BEHAVIORAL ECONOMICS
PublicationThe article substantiates that the level of company’s financial security depends not so much on the indicators of its activity, but on its perception of decision-makers and other stakeholders. At the same time, this perception is formed due to the continuous participation of the stakeholder in operations, constant monitoring of financial indicators, the study of current approaches to enterprise management, changes in the environment,...
-
Clustering Context Items into User Trust Levels
PublicationAn innovative trust-based security model for Internet systems is proposed. The TCoRBAC model operates on user profiles built on the history of user with system interaction in conjunction with multi-dimensional context information. There is proposed a method of transforming the high number of possible context value variants into several user trust levels. The transformation implements Hierarchical Agglomerative Clustering strategy....
-
Security and Anonymity in Agent Systems
PublicationMany agent systems have been developed and suggested for commercial application. However, in spite of the significant potential offered by the agent paradigm, the lack of such important properties as security, anonymity and untracebility especially in open dynamical environment, such as the Internet, has blocked the active implementation of agent technologies. Protecting agent systems poses a more demanding challenge comparing...
-
On Software Unit Testing For Security and Performance Gain At Unit Level
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
On Software Unit Testing For Improving Security And Performance Of Distributed Applications
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
Software Agents for Computer Network Security
PublicationThe chapter presents applications of multi-agent technology for design and implementation of agent-based systems intended to cooperatively solve several critical tasks in the area of computer network security. These systems are Agent-based Generator of Computer Attacks (AGCA), Multi-agent Intrusion Detection and Protection System (MIDPS), Agent-based Environment for Simulation of DDoS Attacks and Defense (AESAD) and Mobile Agent...
-
Situational Awareness Network for the Electric Power System: the Architecture and Testing Metrics
PublicationThe contemporary electric power system is highly dependent on Information and Communication Technologies which results in its exposure to new types of threats, such as Advanced Persistent Threats (APT) or Distributed-Denial-of-Service (DDoS) attacks. The most exposed components are Industrial Control Systems in substations and Distributed Control Systems in power plants. Therefore, it is necessary to ensure the cyber security of...
-
Evaluating Security and Resilience of Critical Networked Infrastructures after Stuxnet
PublicationThe chapter presents the current configuration of the simulation environment for the evaluations of the security and resilience of critical networked infrastructures, which enables simulations of Stuxnet-like attacks. The configuration includes new features added to the MAlSim - Mobile Agent Malware Simulator after the advent of Stuxnet in reference to the experiments aiming at the security evaluation of a power plant which we...
-
Enhancing Security of Advanced Metering Infrastructure by Introducing Threshold Attendance Protocol
PublicationThe industry pushes towards smart grid systems in order to resolve current limitations of the unidirectional legacy power grid infrastructure. By introducing Advanced Metering Infrastructure (AMI) as an integral part of the smart grid solution, the utility company obtains an invaluable tool to optimize its network, lower the operational costs, and improve quality of service. Unfortunately, introducing two-way communication poses...
-
Threat intelligence platform for the energy sector
PublicationIn recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence that interlinks information sharing and fine-grained situation awareness. In this paper a framework which integrates all levels of threat intelligence...
-
Secure access control and information protection mechanisms in radio system for monitoring and acquisition of data from traffic enforcement cameras
PublicationThe study presents the architecture of the Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short: RSMAD), particularly concerning access control and protection of confidential data. RSMAD security structure will be discussed in relation to network security issues. Additionally, the paper presents the results of the work associated with the modelling of potential threats to system security.
-
Towards systemic functional safety and security management in hazardous plants
PublicationThe aim of this article is to identify and discuss some issues related to functional safety and security management in hazardous industrial plants. The safety functions are to be realised using the electric / electronic / programmable electronic systems (E/E/PESs) or the safety instrumented systems (SISs) that are designed and operated respectively according to IEC 61508 and IEC 61511 requirements in life cycle. Although the role...
-
Business continuity management framework for Industry 4.0 companies regarding dependability and security of the ICT and ICS/SCADA system
PublicationThis chapter addresses a business continuity management (BCM) framework for the Industry 4.0 companies including the organizational and technical solutions, regarding the dependability and security of the information and telecommunication technology (ICT), and the industrial control system (ICS) / supervisory control and data acquisition (SCADA) system. These technologies and systems play nowadays important roles in modern advanced...
-
Graph security testing
PublicationSet S ⊂ V is called secure set iff ∀ X ⊂ S | N [ X ] ∩ S | ≥ | N ( X ) \ S | [3]. That means that every subset of a secure set has at least as many friends (neighbour vertices in S) as enemies (neighbour vertices outside S) and will be defended in case of attack. Problem of determining if given set is secure is co −NP -complete, there is no efficient algorithm solving it [3]. Property testers are algorithms that distinguish inputs...
-
Security of export transactions in the offer of leading banks on the Polish market
PublicationThe following article presents the so-called conditioned payment methods, i.e. instruments for securing export transactions, such as letter of credit, documentary collection, bank guarantees, factoring and forfaiting. The characteristics of each particular method are presented as well as the transactions using them are described. In the following paper, the author included also the leading Polish banks, which offer the above- mentioned...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublicationThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublicationThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Quantum key distribution based on private states: Unconditional security over untrusted channels with zero quantum capacity
PublicationIn this paper, we prove unconditional security for a quantum key distribution (QKD) protocol based on distilling pbits (twisted ebits) from an arbitrary untrusted state that is claimed to contain distillable key. Our main result is that we can verify security using only public communication-via parameter estimation of the given untrusted state. The technique applies even to bound-entangled states, thus extending QKD to the regime...
-
Quality Model for Integrated Security Monitoring and Control in Water Distribution Systems
PublicationThis article addresses the problem of drinking water distribution system (DWDS) security in the terms of water quality which in the era of terrorist threat is of high importance to the public. The contribution of this paper is the development of the so called security module to extend a multi-species water quality model. This gives an insight to the situation in DWDS not only under normal operational conditions but also in case...
-
Determining and verifying the safety integrity level of the safety instrumented systems with the uncertainty and security aspects
PublicationSafety and security aspects consist of two different group of functional requirements for the control and protection systems. In the paper it is proposed that the security analysis results can be used as a factor increasing or decreasing the risk level. It concerns a process of determining required safety integrity level of given safety functions. The authors propose a new approach for functional safety risk analysis. In this case...
-
Knowledge-based functional safety and security management in hazardous industrial plants with emphasis on human factors
PublicationExisting and emerging new hazards have significant potential to impact destructively operation of technical systems, hazardous plants, and systems / networks of critical infrastructure. The programmable control and protection systems play nowadays an important role in reducing and controlling risk in the process of hazardous plant operation. It is outlined how to deal with security related hazards concerning such systems to be...
-
Koncepcja platformy wymiany informacji o incydentach cyberbezpieczeństwa dla krajowego systemu elektroenergetycznego
PublicationArtykuł opisuje wybrane zagadnienia związane z cyberbezpieczeństwem w sektorze elektroenergetyki. Jednym z elementów zapewniania bezpieczeństwa sieci elektro-energetycznej jest efektywna wymiana informacji o incydentach bezpieczeństwa. W jej ramach wszystkie zaangażowane podmioty systemu elektroenergetycznego, tj.: elektrownie, operatorzy systemów przesyłowych, operatorzy systemów dystrybucyjnych, dostawcy rozwiązań bezpieczeństwa,...
-
AUTONOMOUS PLATFORM TO PROTECT MARITIME INFRASTRUCTURE FACILITIES
PublicationProblems regarding the security of maritime infrastructure, especially harbours and offshore infrastructure, are currently a very hot topic. Due to these problems, there are some research projects in which the main goal is to decrease the gap and improve the methods of observation in the chosen area, for both in-air and underwater areas. The main goal of the paper is to show a new complex system for improving the security of the...
-
Organizational culture as prerequisite of proactive safety and security management in critical infrastructure systems including hazardous plants and ports
PublicationThis article addresses selected aspects of organizational culture to be considered in the context of knowledge based proactive safety and security management of plants, ports and systems of critical infrastructure. It has been often emphasized in the domain literature that business effectiveness of such plants and their resilience against hazards and threats to avoid major accidents depends substantially on human and organizational...
-
The impact of security aspects on functional safety analysis = Wpływ aspectów ochrony informacji na wyniki analiz bezpieczeństwa funkcjonalnego
PublicationIt can be said that a distributed control and protection system’s security level may have a significant impact on functional safety analyses and their results. However the issue of integrating those both aspects are difficult and usually is neglected during functional safety analyses. Known methods of functional safety analyses don’t take into consideration this kind of concept also. This paper discusses an attempt to integrate...
-
Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment
PublicationThe smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly...
-
Weryfikacja Poziomów Nienaruszalności Bezpieczeństwa z uwzględnieniem Zagadnień Ochrony Informacji
PublicationNiniejszy rozdział poświęcono wybranym istotnym zagadnieniom analizy bezpieczeństwa funkcjonalnego, w szczególności weryfikacji poziomów nienaruszalności bezpieczeństwa SIL funkcji bezpieczeństwa implementowanych w rozproszonych systemach sterowania i zabezpieczeń z uwzględnieniem zagadnień ochrony informacji. Zaproponowano metodę opartą na informacji ilościowej i jakościowej do weryfikacji SIL (IEC 61508, 61511) z uwzględnieniem...
-
CIP Security Awareness and Training: Standards and Practice
PublicationThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognised by international and national standardisation bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
CIP Security Awareness and Training: Standards and Practice
PublicationThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognized by international and national standardization bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
ENISA Study: Challenges in Securing Industrial Control Systems
PublicationIn 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protectionprimarily in Europe but also in the international context. The portrait' included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The...
-
Guaranteeing Threshold Attendance of W/WSAN nodes in a reverted security paradigm
PublicationWe consider a Wireline/Wireless Sensor and Actor Network composed of sensor/actor nodes and a data sink/command center (DSCC). Each node controls a generic device that can be in- or out-of-service, corresponding to the ENABLED or DISABLED node state. The node senses the device's intention to change state, and notifies and/or requests the DSCC for authorization to act upon the device. Motivated by requirements for critical infrastructures...
-
INTEGRATED FUNCTIONAL SAFETY AND CYBERSECURITY ANALYSIS METHOD FOR SMART MANUFACTURING SYSTEMS
PublicationThis article addresses integrated functional safety and cybersecurity analysis with regard to: the generic functional safety standard IEC 61508 and the cyber security standard IEC 62443 concerning an industrial automation and control system (IACS). The objective is to mitigate the vulnerability of information technology (IT) and operational technology (OT) systems, and reduce relevant risks taking into account a set of fundamental...
-
Health monitoring services based on off-the-shelf mobile devices
PublicationDevelopment of health monitoring systems usually involves usage of dedicated devices with provided guarantees in terms of their reliability. Those devices raise the cost of the whole system, because of which such platforms are limited only to specific areas and constrained number of users. Usage of off-the- shelf devices could lower the cost and bring those systems to the masses. The paper covers possible uses of common off-the-shelf...
-
Cybersecurity and Privacy in Standards for Smart Grids – a Comprehensive Survey
PublicationResilient information and communications technologies are a prerequisite for reliable operation of smart grid. In recent years, many standards for the new form of electricity network have been proposed, which results in operators and other smart grid stakeholders having difficulties in finding the documents which can be related to their particular problems. The purpose of this paper is to bring in all smart grid standards that...
-
Wykorzystanie analizy kosztów w zarządzaniu szpitalem publicznym
PublicationProblemy z finansowaniem opieki zdrowotnej obserwowane są praktycznie na całym świecie. Jako przyczyny wzrostu wydatków uważa się głównie starzenie się populacji, złożoną naturę współczesnych chorób i szerokie wykorzystywanie kosztownych technologii. Systemy opieki zdrowotnej na całym świecie stają przed trudnym wyzwaniem zwiększenia efektywności, co oznacza kontrolowanie kosztów, przy jednoczesnym zapewnieniu wysokiej jakości...
-
Choosing the Right Cybersecurity Solution: A Review of Selection and Evaluation Criteria
PublicationInformation technologies evolve continuously reaching pioneering areas that bring in new cybersecurity challenges. Security engineering needs to keep pace with the advancing cyberthreats by providing innovative solutions. At the same time, the foundations that include security and risk assessment methodologies should remain stable. Experts are offered with an extensive portfolio of solutions and an informed choice of a particular...
-
Analiza bezpieczeństwa funkcjonalnego i ochrony informacji w rozproszonych systemach komputerowych pełniących funkcje sterowania i zabezpieczeń
PublicationW niniejszym artykule przedstawiona została problematyka związana z analizą bezpieczeństwa funkcjonalnego rozproszonych systemów sterowania i automatyki zabezpieczeniowej z uwzględnieniem zagadnień ochrony informacji. Powinny być one rozpatrywane w sposób zintegrowany w zależności od rodzaju komunikacji stosowanej do transmisji danych. W tym celu zaproponowano podział analizowanych systemów na trzy kategorie. Zaproponowane podejście...
-
Analiza bezpieczeństwa funkcjonalnego i ochrony informacji w rozproszonych systemach komputerowych pełniących funkcje sterowania i zabezpieczeń
PublicationW niniejszym artykule przedstawiona została problematyka związana z analizą bezpieczeństwa funkcjonalnego rozproszonych systemów sterowania i automatyki zabezpieczeniowej z uwzględnieniem zagadnień ochrony informacji. Powinny być one rozpatrywane w sposób zintegrowany w zależności od rodzaju komunikacji stosowanej do transmisji danych. W tym celu zaproponowano podział analizowanych systemów na trzy kategorie. Zaproponowane podejście...
-
Current risk analysis and management issues in technical systems.
PublicationDealing with the reliability and safety of industrial hazardous plants requires taking into account relevant interdisciplinary scientific knowledge and some existing approaches based on so-called good engineering practice, also those included in the international standards and guidelines. In this article an approach is proposed how to integrate the functional safety concept with information security aspects in the design and management...
-
KONCEPCJA WSPÓŁPRACY SYSTEMU STRUMIENIOWEJ TRANSMISJI DANYCH CZASU RZECZYWISTEGO STRADAR Z EUROPEJSKIM SYSTEMEM EUROSUR
PublicationPrzedstawiono koncepcję współpracy systemów STRADAR i EUROSUR, w celu wymiany informacji związanych z ochroną granic UE. Opisano cechy zrealizowanego demonstratora STRADAR i zasady komunikacji oraz bezpieczeństwa wymiany informacji w systemie EUROSUR. Opisano warianty wymiany infor-macji pomiędzy systemami STRADAR i EUROSUR, od najprostszych, możliwych do zastosowania w obecnej wersji STRADAR, do zautomatyzowanych, wymagających...
-
VISUALIZATION OF SCANTER AND ARPA RADAR DATA IN THE DISTRIBUTED TELEINFORMATION SYSTEM FOR THE BORDER GUARD
PublicationMonitoring of country maritime border is an important task of the Border Guard. This activity can be enhanced with the use of the technology enabling gathering information from distributed sources, processing of that information and its visualization. The paper presents the next stage of development of the STRADAR project (Streaming of real-time data transmission in distributed dispatching and teleinformation systems of the Border...
-
Performance and Security Testing for Improving Quality of Distributed Applications Working in Public/Private Network Environments
PublicationThe goal of this dissertation is to create an integrated testing approach to distributed applications, combining both security and performance testing methodologies, allowing computer scientist to achieve appropriate balance between security and performance charakterstics from application requirements point of view. The constructed method: Multidimensional Approach to Quality Analysis (MA2QA) allows researcher to represent software...
-
Architecture of security and application layer structure of radio system for monitoring and acquisition of data from traffic enforcement cameras
PublicationThe study presents architecture of security and application layer structure of Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras. It also provides general assumptions concerning the range of the system as well as its modules and application components.
-
Research Platform for Monitoring, Control and Security of Critical Infrastructure Systems
PublicationSustainable operation of Critical Infrastructure Systems (CISs) is of a major concern to modern societies. Monitoring, control and security of such systems plays a key role in guaranteeing continuous, reliable and above all secure access to the resources provided by these systems. Development of adequate software and hardware structures, as well as algorithms to perform such functions cannot be done apart from the operational conditions...
-
Toward Intelligent Vehicle Intrusion Detection Using the Neural Knowledge DNA
PublicationIn this paper, we propose a novel intrusion detection approach using past driving experience and the neural knowledge DNA for in-vehicle information system security. The neural knowledge DNA is a novel knowledge representation method designed to support discovering, storing, reusing, improving, and sharing knowledge among machines and computing systems. We examine our approach for classifying malicious vehicle control commands...
-
Software modules and application layer's security structure of RSMAD
PublicationThe paper discusses the software modules of Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short RSMAD). The structure of the application layer of the system has also been analysed in details, including: purpose, structure and principles of operation of software modules constituting this system. In addition, the paper presents and discusses the structure of security of application layer...